[ic] Please Help - secure.domainname.com doesn't work.

Mike Heins mikeh@minivend.com
Wed, 4 Apr 2001 15:14:43 -0400

Quoting Bob Puff@NLE (bob@nleaudio.com):
> > when I click on a secure link within the
> > construct demo, it verifies the certificate then MSIE 5.5 says: "You are
> > about to be redirected to a connection that is not secure." 
> That's the same thing that's been happening to me.  I've almost given up
> trying to fix it.  I've tried just about everything I've seen in the docs and
> archives to no avail.  My last solution is to run the whole cart from the
> secure server, because IC apparently doesn't like to see two different
> domains.

One thing I find works well:

AlwaysSecure order ord/basket ord/checkout

And make the targets on all <FORM ...> orders secure as well with
[process secure=1].

What this does is make sure that the order goes to the secure
server. When they browse categories, they may get another session
but it doesn't matter.

(We really need to add that to the FAQ, or better yet do a new
FAQ on different servers.)

As someone pointed out, getting a cert is the best move. Of course
it usually requires a separate IP address which is not good for
name-based virtual hosting. For businesses with any large amount
of orders it more than pays for itself -- it has been proven by
surveys that a not-insignificant portion of customers notice the 
change in URL and refuse to purchase when relocated.

Another common thing developers see -- when the Mall setting is "No" in
interchange.cfg they will share the same cookie for more than one
server when there are multiple catalogs. So the *second* site they
go to is messed up, whereas the customer will never see a problem.

Red Hat, Inc., 131 Willow Lane, Floor 2, Oxford, OH  45056
phone +1.513.523.7621 fax 7501 <mheins@redhat.com>

I don't want to get to the end of my life and find I have just
lived the length of it. I want to have lived the width of it as
well. -- Diane Ackerman